@aaronpk@t Yes yes yes - token-based auth is definitely what I've been thinking about too. Awesome. Alas, apparently need to have a root canal on Tues instead of coming and hacking. But I'll show up afterwards.
@aaronpk@t idno's got access permissions baked into it already - attaching tokens to those means you can have per-item security according to groups of users. That, together with contacts (also important) is the big thing I wanted to do next. You've solved a huge part of the puzzle.